Hey Jonathan,
If you call TA_IsGenuineEx() as per the comments in TurboActivate.h, it sets things up so that if those files and folders aren't later modified by the end-users, you won't need to run privileged again.
However, if the end-user doesn't muck around with those files & folders, then things will start failing (usually with a simple TA_FAIL, rather than a TA_E_PERMISSION). This is the atypical case. Namely, it's the case where a customer blindly modifies the permissions of files.
In the near-ish future we'll make TA better at detecting when end-users do stupid things (thus making it easier for you to fix things and inform the end-user).